nixos-config/nixos/roles/foundryvtt.nix

{pkgs, ...}: let
  name = "foundryvtt";
  stateDir = "/var/lib/${name}";
  dataDir = "${stateDir}/data";
  configFile = "${dataDir}/Config/options.json";
  config = {
    port = 3333;
    upnp = false;
    hostname = "rpg.maralorn.de";
    routePrefix = null;
    proxySSL = true;
    proxyPort = null;
    minifyStaticFiles = true;
    updateChannel = "release";
  };
  declarativeConfigFile = builtins.toFile "foundry-options.json" (builtins.toJSON config);
in {
  config = {
    systemd.services."${name}" = {
      wantedBy = ["multi-user.target"];
      description = "Foundryvtt server";
      preStart = ''
        mkdir -p ${dataDir}
        if [[ -f "${configFile}" ]]; then
          tempfile=$(mktemp)
          cp "${configFile}" "$tempfile"
          ${pkgs.jq}/bin/jq ".[0] * .[1]" -s "$tempfile" "${declarativeConfigFile}" > "${configFile}"
        else
          cp "${declarativeConfigFile}" "${configFile}"
        fi
        if [[ ! -f "${stateDir}/app/resources/app/main.js" ]]; then
          echo "No ${name} app found. Please download zip from foundryvtt.com and extract to ${stateDir}/app"
        fi
      '';
      serviceConfig = {
        StateDirectory = "${name}";
        WorkingDirectory = stateDir;
        DynamicUser = true;
        Restart = "always";
        Environment = "HOME=${stateDir}";
        ExecStart = "${pkgs.nodejs}/bin/node ${stateDir}/app/resources/app/main.js --dataPath=\"${dataDir}\"";
      };
    };
    services = {
      nginx = {
        virtualHosts = {
          "${config.hostname}" = {
            extraConfig = ''
              client_max_body_size 300M;
              proxy_set_header Host $host;
            '';
            forceSSL = true;
            enableACME = true;
            locations = {
              "/" = {
                proxyPass = "http://[::1]:${toString config.port}";
                proxyWebsockets = true;
                extraConfig = ''
                  proxy_set_header Host $host;
                  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                  proxy_set_header X-Forwarded-Proto $scheme;
                  if ($query_string ~ "pw=([A-Za-z]*)") {
                     add_header Set-Cookie "password=$1; path=/; Max-Age=${toString (365 * 24 * 60 * 60)}; Secure";
                     return 303 /;
                  }
                  if ($http_cookie !~ "password=${pkgs.privateValue "" "foundry-pw"}") {
                     return 303 /logout;
                  }
                '';
              };
              "/login".extraConfig = ''
                more_set_headers 'Content-Type: text/html';
                return 200 '<!DOCTYPE html><html><head><meta charset="UTF-8"></head><body><form style="text-align: center; margin: 250px auto; width: 500px;" action="/" method="get"><label for="pw">Passwort: </label><input type="password" name="pw"><input type="submit" value="login"></form></html></body>';
              '';
              "/logout".extraConfig = ''
                add_header Set-Cookie 'password=""; Max-Age=0';
                return 303 /login;
              '';
            };
          };
        };
      };
    };
  };
}
Disable nix-linter hook 2022-03-08 04:53:07 +00:00			`{pkgs, ...}: let`
Install foundryvtt 2021-01-23 09:17:30 +00:00			`name = "foundryvtt";`
			`stateDir = "/var/lib/${name}";`
Improve foundry config 2021-06-05 14:08:19 +00:00			`dataDir = "${stateDir}/data";`
			`configFile = "${dataDir}/Config/options.json";`
			`config = {`
			`port = 3333;`
			`upnp = false;`
			`hostname = "rpg.maralorn.de";`
			`routePrefix = null;`
			`proxySSL = true;`
			`proxyPort = null;`
			`minifyStaticFiles = true;`
			`updateChannel = "release";`
			`};`
			`declarativeConfigFile = builtins.toFile "foundry-options.json" (builtins.toJSON config);`
Reformat 2022-03-08 01:42:46 +00:00			`in {`
Install foundryvtt 2021-01-23 09:17:30 +00:00			`config = {`
statix hints 2022-03-08 02:19:09 +00:00			`systemd.services."${name}" = {`
Reformat 2022-03-08 01:42:46 +00:00			`wantedBy = ["multi-user.target"];`
Install foundryvtt 2021-01-23 09:17:30 +00:00			`description = "Foundryvtt server";`
Fix various systemd configs 2021-06-05 15:01:12 +00:00			`preStart = ''`
			`mkdir -p ${dataDir}`
			`if [[ -f "${configFile}" ]]; then`
			`tempfile=$(mktemp)`
			`cp "${configFile}" "$tempfile"`
			`${pkgs.jq}/bin/jq ".[0] * .[1]" -s "$tempfile" "${declarativeConfigFile}" > "${configFile}"`
			`else`
			`cp "${declarativeConfigFile}" "${configFile}"`
			`fi`
			`if [[ ! -f "${stateDir}/app/resources/app/main.js" ]]; then`
			`echo "No ${name} app found. Please download zip from foundryvtt.com and extract to ${stateDir}/app"`
			`fi`
			`'';`
Install foundryvtt 2021-01-23 09:17:30 +00:00			`serviceConfig = {`
Improve foundry config 2021-06-05 14:08:19 +00:00			`StateDirectory = "${name}";`
Install foundryvtt 2021-01-23 09:17:30 +00:00			`WorkingDirectory = stateDir;`
Improve foundry config 2021-06-05 14:08:19 +00:00			`DynamicUser = true;`
Auto restart foundryvtt 2021-06-05 11:09:47 +00:00			`Restart = "always";`
Fix foundry by faking HOMEDIR 2021-07-13 13:59:49 +00:00			`Environment = "HOME=${stateDir}";`
Fix various systemd configs 2021-06-05 15:01:12 +00:00			`ExecStart = "${pkgs.nodejs}/bin/node ${stateDir}/app/resources/app/main.js --dataPath=\"${dataDir}\"";`
Install foundryvtt 2021-01-23 09:17:30 +00:00			`};`
			`};`
			`services = {`
			`nginx = {`
			`virtualHosts = {`
statix hints 2022-03-08 02:19:09 +00:00			`"${config.hostname}" = {`
Install foundryvtt 2021-01-23 09:17:30 +00:00			`extraConfig = ''`
			`client_max_body_size 300M;`
Improve foundry config 2021-06-05 14:08:19 +00:00			`proxy_set_header Host $host;`
Install foundryvtt 2021-01-23 09:17:30 +00:00			`'';`
			`forceSSL = true;`
			`enableACME = true;`
Add 5e.tools mirror 2022-02-06 23:52:09 +00:00			`locations = {`
			`"/" = {`
			`proxyPass = "http://[::1]:${toString config.port}";`
			`proxyWebsockets = true;`
Better logins 2022-03-27 19:05:20 +00:00			`extraConfig = ''`
			`proxy_set_header Host $host;`
			`proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;`
			`proxy_set_header X-Forwarded-Proto $scheme;`
			`if ($query_string ~ "pw=([A-Za-z]*)") {`
Fix Cookies 2022-03-27 21:37:06 +00:00			`add_header Set-Cookie "password=$1; path=/; Max-Age=${toString (365 * 24 * 60 * 60)}; Secure";`
Better logins 2022-03-27 19:05:20 +00:00			`return 303 /;`
			`}`
			`if ($http_cookie !~ "password=${pkgs.privateValue "" "foundry-pw"}") {`
			`return 303 /logout;`
			`}`
			`'';`
Add 5e.tools mirror 2022-02-06 23:52:09 +00:00			`};`
Better logins 2022-03-27 19:05:20 +00:00			`"/login".extraConfig = ''`
forwards und logins 2022-04-19 10:50:32 +00:00			`more_set_headers 'Content-Type: text/html';`
Better logins 2022-03-27 19:05:20 +00:00			`return 200 '<!DOCTYPE html><html><head><meta charset="UTF-8"></head><body><form style="text-align: center; margin: 250px auto; width: 500px;" action="/" method="get"><label for="pw">Passwort: </label><input type="password" name="pw"><input type="submit" value="login"></form></html></body>';`
			`'';`
			`"/logout".extraConfig = ''`
			`add_header Set-Cookie 'password=""; Max-Age=0';`
			`return 303 /login;`
			`'';`
Install foundryvtt 2021-01-23 09:17:30 +00:00			`};`
			`};`
			`};`
			`};`
			`};`
			`};`
			`}`